Cisco Press Self Study CCSP Cisco Secure VPN Exam Certification Guide EBook.pdf

CCSP Self-Study
CCSP Cisco Secure VPN
Exam Certification Guide
John F. Roland
Mark J. Newcomb
Cisco Press
201 West 103rd Street
Indianapolis, IN 46290 USA
CCSP Self-Study
CCSP Cisco Secure VPN Exam Certification Guide
John F. Roland and Mark J. Newcomb
Copyright © 2003 Cisco Systems, Inc.
Published by:
Cisco Press
201 West 103rd Street
Indianapolis, IN 46290 USA
All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying, recording, or by any information storage and retrieval system, without written
permission from the publisher, except for the inclusion of brief quotations in a review.
Printed in the United States of America 1 2 3 4 5 6 7 8 9 0
First Printing April 2003
Library of Congress Cataloging-in-Publication Number: 2002108141
ISBN: 1-58720-070-8
Warning and Disclaimer
This book is designed to provide information about selected topics for the CCSP Cisco Secure VPN exam. Every effort
has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied.
The information is provided on an “as is” basis. The authors, Cisco Press, and Cisco Systems, Inc., shall have neither
liability nor responsibility to any person or entity with respect to any loss or damages arising from the information
contained in this book or from the use of the discs or programs that may accompany it.
The opinions expressed in this book belong to the authors and are not necessarily those of Cisco Systems, Inc.
Trademark Acknowledgments
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized.
Cisco Press or Cisco Systems, Inc., cannot attest to the accuracy of this information. Use of a term in this book should
not be regarded as affecting the validity of any trademark or service mark.
Feedback Information
At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted
with care and precision, undergoing rigorous development that involves the unique expertise of members from the
professional technical community.
Readers’ feedback is a natural continuation of this process. If you have any comments regarding how we could
improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us through e-mail at
feedback@ciscopress.com. Please make sure to include the book title and ISBN in your message.
We greatly appreciate your assistance.
Publisher: John Wait
Editor-In-Chief: John Kane
Cisco Representative: Anthony Wolfenden
Cisco Press Program Manager: Sonia Torres Chavez
Manager, Marketing Communications, Cisco Systems: Scott Miller
Cisco Marketing Program Manager: Edie Quiroz
Executive Editor: Brett Bartow
Acquisitions Editor: Michelle Grandin
Production Manager: Patrick Kanouse
Development Editor: Dayna Isley
Senior Editor: Sheri Cain
Copy Editor: PIT, John Edwards
Technical Editors: Scott Chen, Gert Schauwers, Thomas Scire
Team Coordinator: Tammi Ross
Book Designer: Gina Rexrode
Cover Designer: Louisa Adair
Composition: Octal Publishing, Inc.
Indexer: Tim Wright
Media Developer: Jay Payne
Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 526-4100
European Headquarters
Cisco Systems Europe
11 Rue Camille Desmoulins
92782 Issy-les-Moulineaux
Cedex 9
France
http://www-europe.cisco.com
Tel: 33 1 58 04 60 00
Fax: 33 1 58 04 61 00
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-7660
Fax: 408 527-0883
Asia Pacific Headquarters
Cisco Systems Australia,
Pty., Ltd
Level 17, 99 Walker Street
North Sydney
NSW 2059 Australia
http://www.cisco.com
Tel: +61 2 8448 7100
Fax: +61 2 9957 4350
Cisco Systems has more than 200 offices in the following countries. Addresses, phone numbers, and fax numbers are listed on
the Cisco Web site at www.cisco.com/go/offices
Argentina • Australia • Austria • Belgium • Brazil • Bulgaria • Canada • Chile • China • Colombia • Costa
Rica • Croatia • Czech Republic • Denmark • Dubai, UAE • Finland • France • Germany • Greece • Hong Kong
Hungary • India • Indonesia • Ireland • Israel • Italy • Japan • Korea • Luxembourg • Malaysia • Mexico
The Netherlands • New Zealand • Norway • Peru • Philippines • Poland • Portugal • Puerto Rico • Romania
Russia • Saudi Arabia • Scotland • Singapore • Slovakia • Slovenia • South Africa • Spain • Sweden
Switzerland • Taiwan • Thailand • Turkey • Ukraine • United Kingdom • United States • Venezuela • Vietnam
Zimbabwe
Copyright © 2000, Cisco Systems, Inc. All rights reserved. Access Registrar, AccessPath, Are You Ready, ATM Director, Browse with Me, CCDA, CCDE, CCDP, CCIE, CCNA,
CCNP, CCSI, CD-PAC, CiscoLink , the Cisco Net Works logo, the Cisco Powered Network logo, Cisco Systems Networking Academy, Fast Step, FireRunner, Follow Me Browsing,
FormShare, GigaStack, IGX, Intelligence in the Optical Core, Internet Quotient, IP/VC, iQ Breakthrough, iQ Expertise, iQ FastTrack, iQuick Study, iQ Readiness Scorecard, The
iQ Logo, Kernel Proxy, MGX, Natural Network Viewer, Network Registrar, the Networkers logo, Packet , PIX, Point and Click Internetworking, Policy Builder, RateMUX,
ReyMaster, ReyView, ScriptShare, Secure Script, Shop with Me, SlideCast, SMARTnet, SVX, TrafficDirector, TransPath, VlanDirector, Voice LAN, Wavelength Router,
Workgroup Director, and Workgroup Stack are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn, Empowering the Internet Generation, are
service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, Cisco, the Cisco Certified Internetwork Expert Logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco
Systems, Cisco Systems Capital, the Cisco Systems logo, Collision Free, Enterprise/Solver, EtherChannel, EtherSwitch, FastHub, FastLink, FastPAD, IOS, IP/TV, IPX,
LightStream, LightSwitch, MICA, NetRanger, Post-Routing, Pre-Routing, Registrar, StrataView Plus, Stratm, SwitchProbe, TeleRouter, are registered trademarks of Cisco Systems,
Inc. or its affiliates in the U.S. and certain other countries.
All other brands, names, or trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (0010R)
About the Authors
John F. Roland, CCNA, CCDA, CCNP, CCDP, CSS-1, MCSE, is a security specialist who works for Ajilon Consulting.
John has worked in the IT field for more than 22 years, from COBOL programming on IBM mainframes to LAN/WAN
design and implementation on United States military networks and, more recently, to the development of Cisco and
Microsoft certification training materials. John’s current assignment has him designing and implementing enterprise
network certification testing at one of the largest banks in America.
John holds a bachelor’s degree in accounting from Tiffin University, Tiffin, Ohio, with minors in math and electrical
engineering from General Motors Institute, Flint, Michigan.
Mark J. Newcomb is the owner and lead security engineer for Secure Networks in Spokane, Washington. Mark has
over 20 years of experience in the networking industry, focusing on the financial and medical industries. The last six
years have been devoted to designing security solutions for a wide variety of clients throughout the Pacific Northwest.
Mark was one of the first people to obtain the CCNA certification from Cisco and has since obtained CCDA, CCNP, and
CCDP certifications. He is the co-author of Cisco Secure Internet Security Solutions, published by Cisco Press, and two
other networking books. He has been a technical reviewer on over 20 texts regarding networking for a variety of
publishers. He can be reached by e-mail at mnewcomb@wanlansecurity.com.
About the Technical Reviewers
Scott Chen has worked in the IT field for the past seven years holding various positions, including senior NT engineer,
senior network engineer, and lead network engineer/network manager. Scott is currently a lead network engineer/network
manager at Triad Financial Corporation, which is a wholly owned subsidiary of Ford Motor. He has implemented
VPN solutions for remote access and LAN-to-LAN for several enterprises. Scott has extensive experience designing,
implementing, and supporting enterprise networks and working with various technologies that Cisco offers, including
routing, switching, security, content switching, wireless, BGP, EIGRP, and NAT. Scott graduated from the University of
California, Irvine, with a bachelor’s degree. He also holds several certifications, including MCSE, CCNA, CCNP, and
CCIE Written/Qualification. Scott can be reached through e-mail at scottchen@cox.net.
Gert Schauwers is a triple Cisco Certified Internet Expert (CCIE No. 6942)—Routing and Switching, Security, and
Communication and Services. He has more than four years experience in internetworking and holds an Engineering
degree in Electronics/Communication. Gert is currently working in the Brussels CCIE lab where he’s a proctor and
content engineer for the Routing and Switching, Security, and Communication and Services exams.
Thomas Scire has been working in the network infrastructure industry since 1996. Thomas specializes in LAN, WAN,
security, and multiservice infrastructure from Cisco Systems, Checkpoint, and Nokia. Thomas works for Accudata
Systems, Inc., an independent IT professional services and solutions firm that specializes in enterprise network and security
infrastructure. Some of his more notable projects include enterprise VPN and IP telephony deployments and an
international Voice over Frame Relay network deployment. Thomas holds a bachelor’s degree in Computer Engineering from
Polytechnic University and holds several certifications, including Cisco CCNA/CCDA, Cisco IP Telephony Design
Specialist, Checkpoint Certified Security Engineer, Checkpoint Certified Security Instructor, and Nokia Security
Administrator.
Dedications
From John Roland:
This book is dedicated to my wife of 28 years, Mariko, and to our son, Michael, for their understanding and support.
Their steady love and encouragement has kept me on target through some trying times during the development of this
book. You’re the greatest! I further dedicate this book to my late parents, Hazel and Forrest Roland, for nurturing me,
teaching me right from wrong, setting a shining example of a loving partnership, and showing me the benefits of a good
day’s work. I like to believe that they will be kicking up their heels together throughout eternity.
From Mark Newcomb:
This book is dedicated to my wife, Jacqueline, and my daughter, Isabella Rumiana. Jacqueline’s patience and
understanding while I am in the process of writing never fails to amaze me.